IMPS: an interactive mathematical proof system
Journal of Automated Reasoning
Optimal efficiency of optimistic contract signing
PODC '98 Proceedings of the seventeenth annual ACM symposium on Principles of distributed computing
Efficient verifiable encryption (and fair exchange) of digital signatures
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Authentication tests and the structure of bundles
Theoretical Computer Science
Abuse-Free Optimistic Contract Signing
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
A Meta-Notation for Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Multiset rewriting and the complexity of bounded security protocols
Journal of Computer Security
Generic non-repudiation protocols supporting transparent off-line TTP
Journal of Computer Security - On IWAP'05
A Certified Email Protocol Using Key Chains
AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 01
Cryptographic Protocol Composition via the Authentication Tests
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Automatic Methods for Analyzing Non-repudiation Protocols with an Active Intruder
Formal Aspects in Security and Trust
Searching for shapes in cryptographic protocols
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Programming cryptographic protocols
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Optimistic fair exchange of digital signatures
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
Many cryptographic protocols are intended to coordinate state changes among principals. Exchange protocols, for instance, coordinate delivery of new values to the participants, i.e. additions to the set of values they possess. An exchange protocol is fair if it ensures that delivery of new values is balanced: If one participant obtains a new possession via the protocol, then all other participants will, too. Understanding this balanced coordination of different principals in a distributed system requires relating (long-term) state to (short-term) protocol activities. Fair exchange also requires progress assumptions. In this paper we adapt the strand space framework to protocols, such as fair exchange, that coordinate state changes. We regard the state as a multiset of facts, and we allow protocol actions to cause local changes in this state via multiset rewriting. Second, progress assumptions stipulate that some channels are resilient--and guaranteed to deliver messages--and some principals will not stop at critical steps. Our proofs of correctness cleanly separate protocol properties, such as authentication and confidentiality, from properties about progress and state evolution. G. Wang's recent fair exchange protocol illustrates the approach.